YoVDO

Sandbagility - Reverse Engineering Framework for Windows Dynamic Analysis

Offered By: Recon Conference via YouTube

Tags

REcon Conference Courses Cybersecurity Courses Reverse Engineering Courses Malware Analysis Courses Dynamic Analysis Courses

Course Description

Overview

Explore a hybrid solution for malware reverse engineering in this 30-minute conference talk from Recon Conference. Dive into Sandbagility, a Hypervisor-based introspection framework for Microsoft Windows that bridges the gap between dynamic and sandbox analysis. Learn how this Python-based tool, built on a modified VirtualBox hypervisor, offers a stealthy, adaptive, and user-friendly approach to reduce analysis time. Follow along with a practical case study of the WannaCry ransomware to understand the framework's capabilities and potential applications in cybersecurity and malware analysis.

Syllabus

Sandbagility - Reverse Engineering Framework for Windows dynamic analysis by F.Khourbiga & E.Deligne


Taught by

Recon Conference

Related Courses

Harnessing Intel Processor Trace on Windows for Fuzz
Recon Conference via YouTube Reverse Engineering Satellite Based IP Content Distribution
Recon Conference via YouTube Reverse Engineering Windows Defender's JavaScript Engine
Recon Conference via YouTube DIY ARM Debugger for Wi-Fi Chips
Recon Conference via YouTube Subverting Your Server Through Its BMC - The HPE iLO4 Case
Recon Conference via YouTube